[CRIU] Network unlock issue when checkpointing with -R
Frederico Araujo
araujof at gmail.com
Tue Oct 29 15:20:03 PDT 2013
Hi there,
I noticed that when checkpointing with the option -R, the iptables filters
are not being cleaned. I checked CRIU's log and this is what i have:
...
pie: 1067: Restored
(00.059424) Unlock network
(00.059454) Running iptables [iptables -t filter -D INPUT --protocol tcp
--source 10.0.3.1 --sport 50373 --destination 10.0.3.236 --dport 8080 -j
DROP]
iptables: Bad rule (does a matching rule exist in that chain?).
(00.062168) Error (util.c:574): waitpid() failed: No child processes
(00.062193) Error (netfilter.c:69): Iptables configuration failed: No child
processes
(00.062204) Running iptables [iptables -t filter -D OUTPUT --protocol tcp
--source 10.0.3.236 --sport 8080 --destination 10.0.3.1 --dport 50373 -j
DROP]
iptables: Bad rule (does a matching rule exist in that chain?).
...
Then, I checked my iptables after checkpointing and the exact rules are in
there. I manually executed the above iptables commands after checkpointing
and it successfully cleans the filters. Is this a known issue/bug or am
doing something wrong?
I'm using criu to checkpoint a instance of Apache Server. To reproduce the
scenario, you have to have an established connection to the server.
Cheers,
Fred
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openvz.org/pipermail/criu/attachments/20131029/1dd42880/attachment.html>
More information about the CRIU
mailing list